Test Kennung:	1.3.6.1.4.1.25623.1.0.807099
Kategorie:	General
Titel:	OpenSSL Multiple Vulnerabilities -02 Mar16 (Windows)
Zusammenfassung:	OpenSSL is prone to multiple vulnerabilities.
Beschreibung:	Summary: OpenSSL is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - The SSLv2 servers using OpenSSL accepted SSLv2 connection handshakes that indicated non-zero clear key length for non-export cipher suites. - The SSLv2 protocol implementation in OpenSSL did not properly implement the Bleichenbacher protection for export cipher suites. Vulnerability Impact: Successful exploitation will allow a remote attacker to decrypt TLS ciphertext data and to obtain sensitive information. Affected Software/OS: OpenSSL versions before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a. Solution: Upgrade to OpenSSL 1.0.2a or 1.0.1m or 1.0.0r or 0.9.8zf or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-0703 BugTraq ID: 83743 http://www.securityfocus.com/bid/83743 Cisco Security Advisory: 20160302 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl FreeBSD Security Advisory: FreeBSD-SA-16:12 https://security.FreeBSD.org/advisories/FreeBSD-SA-16:12.openssl.asc https://security.gentoo.org/glsa/201603-15 https://drownattack.com http://www.securitytracker.com/id/1035133 SuSE Security Announcement: SUSE-SU-2016:0617 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html SuSE Security Announcement: SUSE-SU-2016:0620 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html SuSE Security Announcement: SUSE-SU-2016:0621 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html SuSE Security Announcement: SUSE-SU-2016:0624 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html SuSE Security Announcement: SUSE-SU-2016:0631 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html SuSE Security Announcement: SUSE-SU-2016:0641 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00012.html SuSE Security Announcement: SUSE-SU-2016:0678 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html SuSE Security Announcement: SUSE-SU-2016:1057 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html SuSE Security Announcement: openSUSE-SU-2016:0628 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html SuSE Security Announcement: openSUSE-SU-2016:0637 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html SuSE Security Announcement: openSUSE-SU-2016:0638 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html SuSE Security Announcement: openSUSE-SU-2016:0720 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00025.html Common Vulnerability Exposure (CVE) ID: CVE-2016-0704 BugTraq ID: 83764 http://www.securityfocus.com/bid/83764
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.