11 matches found
Linux Distros Unpatched Vulnerability : CVE-2011-4109
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by...
SUSE: Security Advisory (SUSE-SU-2012:0084-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Juniper Junos Space < 14.1R1 Multiple Vulnerabilities (JSA10659)
According to its self-reported version number, the remote Junos Space version is prior to 14.1R1. It is, therefore, affected by multiple vulnerabilities in bundled third party software components : - Multiple vulnerabilities in the bundled OpenSSL CentOS package. CVE-2011-4109, CVE-2011-4576,...
SOL15460 - OpenSSL Vulnerability CVE-2011-4109
Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. To mitigate this...
CentOS Update for openssl CESA-2012:0060 centos5
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Gentoo Security Advisory GLSA 201203-12 (openssl)
The remote host is missing updates announced in advisory GLSA 201203-12. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
Debian Security Advisory DSA 2390-1 (openssl)
The remote host is missing an update to openssl announced via advisory DSA 2390-1. OpenVAS Vulnerability Test $Id: deb23901.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2390-1 openssl Authors: Thomas Reinke Copyright: Copyright (c) 2012 E-Soft Inc...
RedHat Update for openssl RHSA-2012:0060-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
SuSE 11.1 Security Update : OpenSSL (SAT Patch Number 5635)
Various security vulnerabilities have been fixed in OpenSSL : - DTLS plaintext recovery attack. CVE-2011-4108 - double-free in Policy Checks. CVE-2011-4109 - uninitialized SSL 3.0 padding. CVE-2011-4576 - malformed RFC 3779 data can cause assertion failures. CVE-2011-4577 - SGC restart DoS attack...
[SECURITY] [DSA 2390-1] openssl security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2390-1 [email protected] http://www.debian.org/security/ Florian Weimer January 15, 2012 http://www.debian.org/security/faq -...
CVE-2011-4109
CVE-2011-4109 affects OpenSSL 0.9.8 prior to 0.9.8s. The double-free occurs when X509_V_FLAG_POLICY_CHECK is enabled, allowing remote attackers to trigger a policy-check failure with an unspecified impact. Mitigation: upgrade to OpenSSL 0.9.8s or newer (as reflected in multiple advisories; apply ...