Debian Security Advisory DSA 2390-1 (openssl)

The remote host is missing an update to openssl announced via advisory DSA 2390-1. OpenVAS Vulnerability Test $Id: deb23901.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2390-1 openssl Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

CVE-2011-4354

crypto/bn/bnnist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows...

[SECURITY] [DSA 2390-1] openssl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2390-1 [email protected] http://www.debian.org/security/ Florian Weimer January 15, 2012 http://www.debian.org/security/faq -...