19 matches found
F5 Networks BIG-IP : OpenSSL vulnerability (SOL8108)
F5 Product Development has determined that the BIG-IP and Enterprise Manager products use a vulnerable version of OpenSSL; however, the vulnerable code is not used in either TMM or in Apache on the BIG-IP system.The vulnerability is considered to be a local vulnerability and cannot be exploited...
Oracle Linux 3 : openssl (ELSA-2007-0813)
From Red Hat Security Advisory 2007:0813 : Updated OpenSSL packages that correct security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements Secu...
VMSA-2008-0013 : Updated ESX packages for OpenSSL, net-snmp, perl
I Security Issues a. OpenSSL Binaries Updated This fix updates the third-party OpenSSL library. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2007-3108 and CVE-2007-5135 to the issues addressed by this update. II Service Console rpm updates a. net-snmp...
VMSA-2008-0001 : Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages
I Service Console package security updates a. OpenPegasus PAM Authentication Buffer Overflow Alexander Sotirov from VMware Security Research discovered a buffer overflow vulnerability in the OpenPegasus Management server. This flaw could be exploited by a malicious remote user on the service...
Mandriva Update for openssl MDKSA-2007:193 (openssl)
Check for the Version of openssl OpenVAS Vulnerability Test Mandriva Update for openssl MDKSA-2007:193 openssl Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Mandriva Update for openssl MDKSA-2007:193 (openssl)
Check for the Version of openssl OpenVAS Vulnerability Test Mandriva Update for openssl MDKSA-2007:193 openssl Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Ubuntu: Security Advisory (USN-522-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for openssl FEDORA-2007-2530
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Gentoo Security Advisory GLSA 200710-06 (openssl)
The remote host is missing updates announced in advisory GLSA 200710-06. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
VMSA-2008-0013:Updated ESX packages for OpenSSL, net-snmp, perl
VMSA-2008-0013.4 Updated ESX packages for OpenSSL, net-snmp, perl VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2008-0013.4 VMware Security AdvisorySynopsis: Updated ESX packages for OpenSSL, net-snmp, perl VMware Security AdvisoryIssue date: 2008-08-12 VMware Security...
RHEL 4 : openssl (RHSA-2007:1003)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2007:1003 advisory. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols, and is also a...
CentOS 3 : openssl (CESA-2007:0813)
Updated OpenSSL packages that correct security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements Secure Sockets Layer SSL v2/v3 and Transport...
RHEL 2.1 / 3 : openssl (RHSA-2007:0813)
Updated OpenSSL packages that correct security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements Secure Sockets Layer SSL v2/v3 and Transport...
openssl security update
CentOS Errata and Security Advisory CESA-2007:0813-01 Updated OpenSSL packages that correct security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that...
Moderate: Red Hat Security Advisory: openssl security update
Updated OpenSSL packages that correct security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements Secure Sockets Layer SSL v2/v3 and Transport...
USN-522-1: openssl vulnerabilities
It was discovered that OpenSSL did not correctly perform Montgomery multiplications. Local attackers might be able to reconstruct RSA private keys by examining another user's OpenSSL processes. CVE-2007-3108 Moritz Jodeit discovered that OpenSSL's SSLgetsharedciphers function did not correctly...
DEBIAN-CVE-2007-3108
The BNfrommontgomery function in crypto/bn/bnmont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys...
CVE-2007-3108
OpenSSL CVE-2007-3108 affects OpenSSL 0.9.8e and earlier due to a faulty Montgomery multiplication path in BN_from_montgomery, enabling a local side-channel attack to potentially recover RSA private keys. Public advisories confirm multiple vendors released patches; Debian notes a backported fix a...
CVE-2007-3108
The BNfrommontgomery function in crypto/bn/bnmont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys...