Test Kennung:	1.3.6.1.4.1.25623.1.0.71702
Kategorie:	Ubuntu Local Security Checks
Titel:	Ubuntu USN-1424-1 (libssl1.0.0)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to libssl1.0.0 announced via advisory USN-1424-1. Details: It was discovered that OpenSSL could be made to dereference a NULL pointer when processing S/MIME messages. A remote attacker could use this to cause a denial of service. These issues did not affect Ubuntu 8.04 LTS. (CVE-2006-7250, CVE-2012-1165) Tavis Ormandy discovered that OpenSSL did not properly perform bounds checking when processing DER data via BIO or FILE functions. A remote attacker could trigger this flaw in services that used SSL to cause a denial of service or possibly execute arbitrary code with application privileges. (CVE-2012-2110) Solution: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: libssl1.0.0 1.0.0e-2ubuntu4.4 Ubuntu 11.04: libssl0.9.8 0.9.8o-5ubuntu1.4 Ubuntu 10.04 LTS: libssl0.9.8 0.9.8k-7ubuntu8.10 Ubuntu 8.04 LTS: libssl0.9.8 0.9.8g-4ubuntu3.17 http://www.securityspace.com/smysecure/catid.html?in=USN-1424-1 CVSS Score: 7.5 CVSS Vector: AV:L/AC:L/Au:NR/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2006-7250 BugTraq ID: 52181 http://www.securityfocus.com/bid/52181 HPdes Security Advisory: HPSBUX02782 http://marc.info/?l=bugtraq&m=133728068926468&w=2 HPdes Security Advisory: SSRT100844 http://marc.info/?l=openssl-dev&m=115685408414194&w=2 http://www.mail-archive.com/openssl-dev@openssl.org/msg30305.html http://www.openwall.com/lists/oss-security/2012/02/27/10 http://www.openwall.com/lists/oss-security/2012/02/28/14 http://www.redhat.com/support/errata/RHSA-2009-1335.html http://secunia.com/advisories/36533 http://secunia.com/advisories/48153 http://secunia.com/advisories/48516 http://secunia.com/advisories/48899 http://www.ubuntu.com/usn/USN-1424-1 Common Vulnerability Exposure (CVE) ID: CVE-2012-1165 BugTraq ID: 52764 http://www.securityfocus.com/bid/52764 Debian Security Information: DSA-2454 (Google Search) http://www.debian.org/security/2012/dsa-2454 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077666.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077221.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077086.html HPdes Security Advisory: HPSBMU02786 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 HPdes Security Advisory: HPSBOV02793 http://marc.info/?l=bugtraq&m=134039053214295&w=2 HPdes Security Advisory: SSRT100877 HPdes Security Advisory: SSRT100891 http://www.openwall.com/lists/oss-security/2012/03/12/3 http://www.openwall.com/lists/oss-security/2012/03/12/6 http://www.openwall.com/lists/oss-security/2012/03/12/7 http://www.openwall.com/lists/oss-security/2012/03/13/2 RedHat Security Advisories: RHSA-2012:0426 http://rhn.redhat.com/errata/RHSA-2012-0426.html RedHat Security Advisories: RHSA-2012:0488 http://rhn.redhat.com/errata/RHSA-2012-0488.html RedHat Security Advisories: RHSA-2012:0531 http://rhn.redhat.com/errata/RHSA-2012-0531.html RedHat Security Advisories: RHSA-2012:1306 http://rhn.redhat.com/errata/RHSA-2012-1306.html RedHat Security Advisories: RHSA-2012:1307 http://rhn.redhat.com/errata/RHSA-2012-1307.html RedHat Security Advisories: RHSA-2012:1308 http://rhn.redhat.com/errata/RHSA-2012-1308.html http://www.securitytracker.com/id?1026787 http://secunia.com/advisories/48580 http://secunia.com/advisories/48895 Common Vulnerability Exposure (CVE) ID: CVE-2012-2110 http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html BugTraq ID: 53158 http://www.securityfocus.com/bid/53158 http://www.exploit-db.com/exploits/18756 http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079149.html http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080176.html http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079299.html http://archives.neohapsis.com/archives/fulldisclosure/2012-04/0209.html HPdes Security Advisory: HPSBMU02776 http://marc.info/?l=bugtraq&m=133951357207000&w=2 HPdes Security Advisory: HPSBMU02900 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862 HPdes Security Advisory: SSRT100852 HPdes Security Advisory: SSRT101210 http://www.mandriva.com/security/advisories?name=MDVSA-2012:060 http://osvdb.org/81223 RedHat Security Advisories: RHSA-2012:0518 http://rhn.redhat.com/errata/RHSA-2012-0518.html RedHat Security Advisories: RHSA-2012:0522 http://rhn.redhat.com/errata/RHSA-2012-0522.html http://www.securitytracker.com/id?1026957 http://secunia.com/advisories/48847 http://secunia.com/advisories/48942 http://secunia.com/advisories/48999 http://secunia.com/advisories/57353 SuSE Security Announcement: SUSE-SU-2012:0623 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00014.html SuSE Security Announcement: SUSE-SU-2012:0637 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00015.html SuSE Security Announcement: SUSE-SU-2012:1149 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00007.html
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.