Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:BSA-060:0BDFE
HistoryNov 14, 2011 - 4:20 a.m.

[BSA-060] Security Update for openssl

2011-11-1404:20:38
lists.debian.org
19

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

10

Confidence

High

EPSS

0.305

Percentile

97.0%

JSON

Andres Salomon uploaded new packages for openssl which fixed the
following security problems:

CVE-2011-3210
Unsafe thread handling in ECDH ciphersuite allow denial of
service attack.

CVE-2011-1945
Timing attacks against ECDHE_ECDSA private keys.

CVE-2011-0014
Remote denial of service attacks possible or information leak
via malformed handshake messages.

For the lenny-backports distribution the problems have been fixed in
version 0.9.8o-4squeeze4~bpo50+1.

For the stable distribution (squeeze), the problems have been fixed in
version 0.9.8o-4squeeze4.
Attachment:
signature.asc
Description: PGP signature

OSVersionArchitecturePackageVersionFilename
Debian6kfreebsd-amd64libssl0.9.8<Ā 0.9.8o-4squeeze4libssl0.9.8_0.9.8o-4squeeze4_kfreebsd-amd64.deb
Debian6mipsellibssl0.9.8<Ā 0.9.8o-4squeeze4libssl0.9.8_0.9.8o-4squeeze4_mipsel.deb
Debian6allopenssl<Ā 0.9.8o-4squeeze4openssl_0.9.8o-4squeeze4_all.deb
Debian6amd64openssl<Ā 0.9.8o-4squeeze4openssl_0.9.8o-4squeeze4_amd64.deb
Debian6sparclibssl0.9.8<Ā 0.9.8o-4squeeze4libssl0.9.8_0.9.8o-4squeeze4_sparc.deb
Debian6sparcopenssl<Ā 0.9.8o-4squeeze4openssl_0.9.8o-4squeeze4_sparc.deb
Debian6kfreebsd-amd64libssl0.9.8-dbg<Ā 0.9.8o-4squeeze4libssl0.9.8-dbg_0.9.8o-4squeeze4_kfreebsd-amd64.deb
Debian6mipslibssl-dev<Ā 0.9.8o-4squeeze4libssl-dev_0.9.8o-4squeeze4_mips.deb
Debian6powerpclibcrypto0.9.8-udeb<Ā 0.9.8o-4squeeze4libcrypto0.9.8-udeb_0.9.8o-4squeeze4_powerpc.deb
Debian6amd64libssl0.9.8-dbg<Ā 0.9.8o-4squeeze4libssl0.9.8-dbg_0.9.8o-4squeeze4_amd64.deb
Rows per page:
1-10 of 561

Related

openvas 47
nessus 47
ubuntucve 3
cve 3
checkpoint_advisories 2
slackware 1
fedora 6
veracode 1
debiancve 3
altlinux 5
openssl 2
prion 3
cvelist 3
nvd 3
debian 2
securityvulns 10
redhat 1
ubuntu 2
f5 5
osv 1
cert 1
freebsd 1
oraclelinux 6
ibm 9
gentoo 2
lenovo 2
vmware 2
openvas
openvas
Mandriva Update for openssl MDVSA-2011:137 (openssl)
2011-09-30 00:00:00
Mandriva Update for openssl MDVSA-2011:137 (openssl)
2011-09-30 00:00:00
OpenSSL: TLS Ephemeral ECDH Crashes (20110906) - Linux
2021-08-16 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : openssl (MDVSA-2011:137)
2011-09-29 00:00:00
SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 7760)
2011-12-13 00:00:00
SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 7766)
2011-10-24 00:00:00
ubuntucve
ubuntucve
CVE-2011-3210
2011-09-22 00:00:00
CVE-2011-0014
2011-02-09 00:00:00
CVE-2011-1945
2011-05-31 00:00:00
cve
cve
CVE-2011-3210
2011-09-22 10:55:03
CVE-2011-0014
2011-02-19 01:00:01
CVE-2011-1945
2011-05-31 20:55:05
checkpoint_advisories
checkpoint_advisories
OpenSSL Handshake Sequence Cipher Suite Use-After-Free (CVE-2011-3210)
2012-05-14 00:00:00
OpenSSL Handshake Requests ECDH Use-After-Free (CVE-2011-3210)
2012-05-14 00:00:00
slackware
slackware
[slackware-security] openssl
2011-02-11 01:17:47
fedora
fedora
[SECURITY] Fedora 13 Update: mingw32-openssl-1.0.0-0.7.beta4.fc13
2011-05-01 20:55:36
[SECURITY] Fedora 15 Update: mingw32-openssl-1.0.0d-1.fc15
2011-04-28 19:24:32
[SECURITY] Fedora 14 Update: mingw32-openssl-1.0.0a-2.fc14
2011-05-01 20:55:18
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:59:10
debiancve
debiancve
CVE-2011-0014
2011-02-19 01:00:01
CVE-2011-3210
2011-09-22 10:55:03
CVE-2011-1945
2011-05-31 20:55:05
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl1.1 version 1.0.0d-alt1
2011-02-09 00:00:00
Security fix for the ALT Linux 7 package openssl10 version 1.0.0d-alt1
2011-02-09 00:00:00
Security fix for the ALT Linux 6 package openssl10 version 1.0.0d-alt1
2011-02-09 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2011-3210
2011-09-06 00:00:00
Vulnerability in OpenSSL CVE-2011-0014
2011-02-08 00:00:00
prion
prion
Code injection
2011-09-22 10:55:00
Spoofing
2011-02-19 01:00:00
Code injection
2011-05-31 20:55:00
cvelist
cvelist
CVE-2011-3210
2011-09-22 10:00:00
CVE-2011-0014
2011-02-18 23:00:00
CVE-2011-1945
2011-05-31 20:00:00
nvd
nvd
CVE-2011-0014
2011-02-19 01:00:01
CVE-2011-3210
2011-09-22 10:55:03
CVE-2011-1945
2011-05-31 20:55:05
debian
debian
[SECURITY] [DSA 2162-1] openssl security update
2011-02-14 15:22:27
[SECURITY] [DSA 2309-1] openssl security update
2011-09-13 22:59:43
securityvulns
securityvulns
OpenSSL DoS
2011-02-15 00:00:00
[SECURITY] [DSA 2162-1] openssl security update
2011-02-15 00:00:00
[SECURITY] [DSA 2309-1] openssl security update
2011-09-16 00:00:00
redhat
redhat
(RHSA-2011:0677) Moderate: openssl security, bug fix, and enhancement update
2011-05-19 00:00:00
ubuntu
ubuntu
OpenSSL vulnerability
2011-02-15 00:00:00
OpenSSL vulnerabilities
2012-02-09 00:00:00
f5
f5
K10534046 : OpenSSL vulnerability CVE-2011-0014
2019-06-27 00:00:00
K12998 : OpenSSL vulnerability CVE-2011-1945
2014-07-25 00:00:00
SOL12998 - OpenSSL vulnerability CVE-2011-1945
2011-08-02 00:00:00
osv
osv
openssl - compromised certificate authority
2011-09-13 00:00:00
cert
cert
OpenSSL leaks ECDSA private key through a remote timing attack
2011-05-17 00:00:00
freebsd
freebsd
OpenSSL -- multiple vulnerabilities
2011-09-06 00:00:00
oraclelinux
oraclelinux
openssl security, bug fix, and enhancement update
2011-05-28 00:00:00
openssl-fips security update
2015-04-02 00:00:00
openssl security update
2016-09-27 00:00:00
ibm
ibm
Security Bulletin: IBM XIV Storage System Gen3 (CVE-2011-4619, CVE-2011-4576, CVE-2011-3210, CVE-2012-4829)
2022-09-26 04:23:14
Security Bulletin: IBM InfoSphere Balanced Warehouse C3000, C4000 and D5100 and IBM Smart Analytics System 1050, 2050, 5600 and 5710 are affected by vulnerabilities in OpenSSL
2022-09-25 23:13:40
Security Bulletin: Tivoli Management Framework affected by vulnerabilities in OpenSSL versions prior to 1.0.0
2022-09-25 23:13:40
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2011-10-09 00:00:00
OpenSSL: Multiple Vulnerabilities
2013-12-03 00:00:00
lenovo
lenovo
IntelĀ® PROSet/Wireless WiFi Software Vulnerabilities - US
2018-11-13 17:10:51
IntelĀ® PROSet/Wireless WiFi Software Vulnerabilities - Lenovo Support US
2018-11-13 17:10:51
vmware
vmware
VMware vSphere and vCOps updates to third party libraries
2012-08-30 00:00:00
VMware vSphere and vCOps updates to third party libraries
2012-08-30 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

10

Confidence

High

EPSS

0.305

Percentile

97.0%

JSON
Related for DEBIAN:BSA-060:0BDFE
openvas47nessus47ubuntucve3cve3checkpoint_advisories2slackware1fedora6veracode1debiancve3altlinux5openssl2prion3cvelist3nvd3debian2securityvulns10redhat1ubuntu2f55osv1cert1freebsd1oraclelinux6ibm9gentoo2lenovo2vmware2