7 matches found
Security Bulletin: Aspera OnDemand is affected by openSSL vulnerabilities (CVE-2017-3738)
Summary Aspera OnDemand has addressed the following openSSL vulnerabilities. Vulnerability Details CVEID: CVE-2017-3738 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an overflow bug in the AVX2 Montgomery multiplication procedure used in...
EulerOS 2.0 SP3 : openssl (EulerOS-SA-2018-1179)
According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a carry propagating bug in the x8664 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms...
Debian DSA-4157-1 : openssl - security update
Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2017-3738 David Benjamin of Google reported an overflow bug in the AVX2 Montgomery multiplication procedure used in...
openSUSE: Security Advisory for openssl (openSUSE-SU-2017:3345-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for openssl (important)
This update for openssl fixes the following issues: - OpenSSL Security Advisory 07 Dec 2017 CVE-2017-3737: OpenSSL 1.0.2 starting from version 1.0.2b introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error...
OpenSSL 1.1.0 < 1.1.0h Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 1.1.0h. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.0h advisory. - Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given maliciou...
OpenSSL Overflow Vulnerability (20171207, 20180327) - Windows
OpenSSL is prone to an overflow bug. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it...