Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2010:0173
HistoryMar 25, 2010 - 10:40 p.m.

openssl096b security update

2010-03-2522:40:26
CentOS Project
lists.centos.org
45

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

85.3%

JSON

CentOS Errata and Security Advisory CESA-2010:0173

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)
and Transport Layer Security (TLS v1) protocols, as well as a
full-strength, general purpose cryptography library.

It was discovered that OpenSSL did not always check the return value of the
bn_wexpand() function. An attacker able to trigger a memory allocation
failure in that function could cause an application using the OpenSSL
library to crash or, possibly, execute arbitrary code. (CVE-2009-3245)

All openssl096b users should upgrade to these updated packages, which
contain a backported patch to resolve this issue. For the update to take
effect, all programs using the openssl096b library must be restarted.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2010-March/078744.html
https://lists.centos.org/pipermail/centos-announce/2010-March/078745.html
https://lists.centos.org/pipermail/centos-announce/2010-March/078773.html
https://lists.centos.org/pipermail/centos-announce/2010-March/078774.html

Affected packages:
openssl096b

Upstream details at:
https://access.redhat.com/errata/RHSA-2010:0173

OSVersionArchitecturePackageVersionFilename
CentOS3i386openssl096b<ย 0.9.6b-16.50openssl096b-0.9.6b-16.50.i386.rpm
CentOS3i386openssl096b<ย 0.9.6b-16.50openssl096b-0.9.6b-16.50.i386.rpm
CentOS3i386openssl096b<ย 0.9.6b-16.50openssl096b-0.9.6b-16.50.i386.rpm
CentOS3x86_64openssl096b<ย 0.9.6b-16.50openssl096b-0.9.6b-16.50.x86_64.rpm
CentOS3i386openssl096b<ย 0.9.6b-16.50openssl096b-0.9.6b-16.50.i386.rpm
CentOS3x86_64openssl096b<ย 0.9.6b-16.50openssl096b-0.9.6b-16.50.x86_64.rpm
CentOS4i386openssl096b<ย 0.9.6b-22.46.el4_8.1openssl096b-0.9.6b-22.46.el4_8.1.i386.rpm
CentOS4i386openssl096b<ย 0.9.6b-22.46.el4_8.1openssl096b-0.9.6b-22.46.el4_8.1.i386.rpm
CentOS4i386openssl096b<ย 0.9.6b-22.46.el4_8.1openssl096b-0.9.6b-22.46.el4_8.1.i386.rpm
CentOS4x86_64openssl096b<ย 0.9.6b-22.46.el4_8.1openssl096b-0.9.6b-22.46.el4_8.1.x86_64.rpm
Rows per page:
1-10 of 121

Related

prion 1
oraclelinux 3
f5 2
cve 1
openvas 45
openssl 1
ubuntucve 1
veracode 1
nessus 37
redhat 4
debiancve 1
suse 1
ubuntu 1
centos 2
securityvulns 3
fedora 4
ibm 1
altlinux 4
vmware 2
gentoo 1
lenovo 2
prion
prion
Design/Logic Flaw
2010-03-05 19:30:00
oraclelinux
oraclelinux
openssl096b security update
2010-03-25 00:00:00
openssl security update
2010-03-25 00:00:00
openssl security update
2010-12-13 00:00:00
f5
f5
K15404 : OpenSSL vulnerability CVE-2009-3245
2014-07-14 00:00:00
SOL15404 - OpenSSL vulnerability CVE-2009-3245
2014-07-14 00:00:00
cve
cve
CVE-2009-3245
2010-03-05 19:30:00
openvas
openvas
RedHat Update for openssl096b RHSA-2010:0173-02
2010-03-31 00:00:00
CentOS Update for openssl096b CESA-2010:0173 centos4 i386
2010-03-31 00:00:00
CentOS Update for openssl096b CESA-2010:0173 centos3 i386
2010-03-31 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2009-3245
2010-02-23 00:00:00
ubuntucve
ubuntucve
CVE-2009-3245
2010-03-05 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:45:17
nessus
nessus
Oracle Linux 3 / 4 : openssl096b (ELSA-2010-0173)
2013-07-12 00:00:00
Scientific Linux Security Update : openssl096b on SL3.x, SL4.x i386/x86_64
2012-08-01 00:00:00
CentOS 3 / 4 : openssl096b (CESA-2010:0173)
2010-03-26 00:00:00
redhat
redhat
(RHSA-2010:0173) Important: openssl096b security update
2010-03-25 00:00:00
(RHSA-2010:0162) Important: openssl security update
2010-03-25 00:00:00
(RHSA-2010:0977) Moderate: openssl security update
2010-12-13 00:00:00
debiancve
debiancve
CVE-2009-3245
2010-03-05 19:30:00
suse
suse
remote denial of service, man in the middle in openssl
2010-04-06 16:55:06
ubuntu
ubuntu
OpenSSL vulnerabilities
2010-10-07 00:00:00
centos
centos
openssl security update
2010-03-27 17:30:13
openssl security update
2011-01-27 09:11:13
securityvulns
securityvulns
[ MDVSA-2010:076-1 ] openssl
2010-04-22 00:00:00
About the security content of Mac OS X v10.6.8 and Security Update 2011-004
2011-07-04 00:00:00
Apple Mac OS X multiple security vulnerabilities
2011-07-06 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: openssl-1.0.0-1.fc13
2010-04-09 03:42:47
[SECURITY] Fedora 12 Update: openssl-1.0.0-4.fc12
2010-05-25 18:42:18
[SECURITY] Fedora 11 Update: openssl-0.9.8n-1.fc11
2010-04-16 23:49:46
ibm
ibm
Security Bulletin: This Power System update is being released to address multiple CVEs for vTPM1.2
2022-12-05 23:45:43
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl1.1 version 0.9.8m-alt1
2010-02-26 00:00:00
Security fix for the ALT Linux 6 package openssl10 version 0.9.8m-alt1
2010-02-26 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 0.9.8m-alt1
2010-02-26 00:00:00
vmware
vmware
VMware ESX third party updates for Service Console
2010-09-30 00:00:00
VMware ESX third party updates for Service Console
2010-09-30 00:00:00
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2011-10-09 00:00:00
lenovo
lenovo
Intelยฎ PROSet/Wireless WiFi Software Vulnerabilities - US
2018-11-13 17:10:51
Intelยฎ PROSet/Wireless WiFi Software Vulnerabilities - Lenovo Support US
2018-11-13 17:10:51

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

85.3%

JSON
Related for CESA-2010:0173
prion1oraclelinux3f52cve1openvas45openssl1ubuntucve1veracode1nessus37redhat4debiancve1suse1ubuntu1centos2securityvulns3fedora4ibm1altlinux4vmware2gentoo1lenovo2