OpenSSL 0.9.8v < 0.9.8w Vulnerability

The version of OpenSSL installed on the remote host is prior to 0.9.8w. It is, therefore, affected by a vulnerability as referenced in the 0.9.8w advisory. - Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, a...

Security Bulletin: IBM Tivoli Netcool System Service Monitors/Application Service Monitors is affected by multiple OpenSSL vulnerabilities

Abstract A number of security vulnerabilities have been discovered in the OpenSSL libraries included in IBM Tivoli Netcool System Service Monitors/Application Service Monitors. Content VULNERABILITY DETAILS: CVE Ids: CVE-2012-2131 CVE-2012-2110 CVE-2012-0884 CVE-2012-0050 CVE-2011-4108...

Security Bulletin: IBM Smart Analytics System 7600, 7700, and 7710 are affected by vulnerabilities in OpenSSL

Abstract A number of security vulnerabilities have been identified in the OpenSSL libraries that are part of the operating system software included with the vulnerable systems. Content VULNERABILITY DETAILS CVE IDs: CVE-2012-2131, CVE-2012-2110, CVE-2012-0884, CVE-2012-0050, CVE-2011-4108,...

Security Bulletin: IBM Sterling Connect:Enterprise for UNIX is affected by multiple vulnerabilities in OpenSSL

Abstract A number of security vulnerabilities have been discovered in the OpenSSL libraries included in IBM Sterling Connect:Enterprise for UNIX. Content VULNERABILITY DETAILS: CVE IDs : CVE-2012-2131 CVE-2012-2110 CVE-2012-0884 CVE-2012-0050 CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-461...

OpenSSL: ASN1 BIO Incomplete Fix (20120424) - Linux

OpenSSL is prone to an incomplete fix. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute i...

OpenSSL: ASN1 BIO Incomplete Fix (20120424) - Windows

OpenSSL is prone to an incomplete fix. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute i...

SUSE: Security Advisory (SUSE-SU-2012:1149-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2012:0623-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SOL17454 - OpenSSL vulnerabilities CVE-2005-2946, CVE-2008-0891, and CVE-2012-2131

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

SuSE 11.1 Security Update : openssl (SAT Patch Number 6245)

This update of openssl fixes an integer conversation issue which could cause a heap-based memory corruption. CVE-2012-2110 Additionally, a check for negative buffer length values was added CVE-2012-2131 and the stack made non-executable by marking the enhanced Intel SSSE3 assembler code as not...

SuSE 10 Security Update : compat-openssl097g (ZYPP Patch Number 8262)

This compat-openssl097g rollup update contains various security fixes : - incorrect integer conversions in OpenSSL could have resulted in memory corruption during buffer management operations. CVE-2012-2131 / CVE-2012-2110 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description ...

SUSE-SU-2015:0543-1 Security update for compat-openssl097g

This compat-openssl097g rollup update contains various security fixes: CVE-2012-2131,CVE-2012-2110: incorrect integer conversions in OpenSSL can result in memory corruption during buffer management operations. Security Issue reference: CVE-2012-2110...

Mandriva Update for openssl0.9.8 MDVSA-2012:064 (openssl0.9.8)

Check for the Version of openssl0.9.8 OpenVAS Vulnerability Test Mandriva Update for openssl0.9.8 MDVSA-2012:064 openssl0.9.8 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

Mandriva Update for openssl0.9.8 MDVSA-2012:064 (openssl0.9.8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Ubuntu: Security Advisory (USN-1428-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 2454-2] openssl incomplete fix

------------------------------------------------------------------------- Debian Security Advisory DSA-2454-2 [email protected] http://www.debian.org/security/ Raphael Geissert April 24, 2012 http://www.debian.org/security/faq -...

Mandriva Linux Security Advisory : openssl0.9.8 (MDVSA-2012:064)

It was discovered that the fix for CVE-2012-2110 MDVSA-2012:060 was not sufficient to correct the issue for OpenSSL 0.9.8. The updated packages have been upgraded to the 0.9.8w version which is not vulnerable to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...

Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 : openssl vulnerability (USN-1428-1)

It was discovered that the fix for CVE-2012-2110 was incomplete for OpenSSL 0.9.8. A remote attacker could trigger this flaw in services that used SSL to cause a denial of service or possibly execute arbitrary code with application privileges. Ubuntu 11.10 was not affected by this issue...

CVE-2012-2131

CVE-2012-2131 refers to multiple integer signedness errors in OpenSSL 0.9.8v’s crypto/buffer/buffer.c, enabling remote attackers to mount buffer overflow attacks via crafted DER data (e.g., X.509 certs or RSA keys). This is noted as a consequence of an incomplete fix for CVE-2012-2110 and can lea...

CVE-2012-2131

Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, and cause a denial of service memory corruption or possibly have unspecified other impact, via crafted DER data, as demonstrated by an X.509 certificate or an...