Anfälligkeitssuche        Suche in 191973 CVE Beschreibungen
und 86218 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.882339
Kategorie:CentOS Local Security Checks
Titel:CentOS Update for openssl CESA-2015:2616 centos5
Zusammenfassung:Check the version of openssl
Beschreibung:Summary:
Check the version of openssl

Vulnerability Insight:
OpenSSL is a toolkit that implements the
Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
protocols, as well as a full-strength, general purpose cryptography library.

A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and
CMS data. A remote attacker could use this flaw to cause an application
that parses PKCS#7 or CMS data from untrusted sources to use an excessive
amount of memory and possibly crash. (CVE-2015-3195)

All openssl users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. For the update to take
effect, all services linked to the OpenSSL library must be restarted, or
the system rebooted.

Affected Software/OS:
openssl on CentOS 5

Solution:
Please install the updated packages.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2015-3195
http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
BugTraq ID: 78626
http://www.securityfocus.com/bid/78626
BugTraq ID: 91787
http://www.securityfocus.com/bid/91787
Cisco Security Advisory: 20151204 Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl
Debian Security Information: DSA-3413 (Google Search)
http://www.debian.org/security/2015/dsa-3413
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173801.html
HPdes Security Advisory: HPSBGN03536
http://marc.info/?l=bugtraq&m=145382583417444&w=2
RedHat Security Advisories: RHSA-2015:2616
http://rhn.redhat.com/errata/RHSA-2015-2616.html
RedHat Security Advisories: RHSA-2015:2617
http://rhn.redhat.com/errata/RHSA-2015-2617.html
RedHat Security Advisories: RHSA-2016:2056
http://rhn.redhat.com/errata/RHSA-2016-2056.html
RedHat Security Advisories: RHSA-2016:2957
http://rhn.redhat.com/errata/RHSA-2016-2957.html
http://www.securitytracker.com/id/1034294
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.754583
SuSE Security Announcement: SUSE-SU-2016:0678 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html
SuSE Security Announcement: openSUSE-SU-2015:2288 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00070.html
SuSE Security Announcement: openSUSE-SU-2015:2289 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00071.html
SuSE Security Announcement: openSUSE-SU-2015:2318 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00087.html
SuSE Security Announcement: openSUSE-SU-2015:2349 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-12/msg00103.html
SuSE Security Announcement: openSUSE-SU-2016:0637 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html
SuSE Security Announcement: openSUSE-SU-2016:0640 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
http://www.ubuntu.com/usn/USN-2830-1
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

Dies ist nur einer von 86218 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2021 E-Soft Inc. Alle Rechte vorbehalten.