TencentOS Server 2: openssl (TSSA-2023:0332)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0332 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

Siemens SCALANCE X-200RNA Switch Devices Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2017-3735)

While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g. This plugin onl...

Linux Distros Unpatched Vulnerability : CVE-2017-3735

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of...

F5 Networks BIG-IP : OpenSSL vulnerability (K21462542)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.0.0 / 15.0.0. It is, therefore, affected by a vulnerability as referenced in the K21462542 advisory. - While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This...

Oracle Linux 6 : openssl (ELSA-2018-4187)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-4187 advisory. 1.0.1e-57.0.3 - Avoid out-of-bounds read. Fixes CVE 2017-3735. By Rich Salz Tenable has extracted the preceding description block directly from the Oracle Linux...

Security Bulletin: Multiple security vulnerabilities have been identified in Open SSL, which is shipped with IBM Tivoli Network Manager IP Edition.

Summary Open SSL is shipped with IBM Tivoli Network Manager IP Edition version 3.9. Information about security vulnerabilities affecting Open SSL has been published here. Vulnerability Details CVEID: CVE-2017-3735 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information,...

Huawei EulerOS: Security Advisory for shim-signed (EulerOS-SA-2023-1748)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openssl security update

1.0.1e-59.0.4 - Backport fixes for CVE-2023-0286 Orabug: 35212597 1.0.1e-59.0.3 - Fix possible infinite loop in BNmodsqrt CVE-2022-0778Orabug: 33969800 1.0.1e-59.0.1 - Backport fixes for CVE-2020-1971 Orabug: 32654738 1.0.1e-58.0.1 - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug...

Security Bulletin: IBM MQ Advanced Message Security is vulnerable to an OpenSSL error while parsing an IPAdressFamily extension in an X.509 certificate. (CVE-2017-3735)

Summary IBM MQ have addressed a vulnerability whereby OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error while parsing an IPAdressFamily extension in an X.509 certificate. OpenSSL is used by IBM MQ Advanced Message Security on the IBM i platform only...

Security Bulletin: IBM InfoSphere Master Data Management is vulnerable to OpenSSLvulnerability (CVE-2017-3735)

Summary IBM InfoSphere Master Data Management is vulnerable to OpenSSL vulnerability that could allow an attacker to obtain sensitive information by triggering an out-of-bounds read and resulting in the incorrect text display of the certificate. Vulnerability Details CVEID: CVE-2017-3735...

Security Bulletin: IBM Spectrum Control (formerly IBM Tivoli Storage Productivity Center) is affected by OpenSSL vulnerabilities (CVE-2017-3735, CVE-2017-3736, CVE-2017-3737, CVE-2017-3738)

Summary OpenSSL vulnerabilities were disclosed August, November, and December 2017 by the OpenSSL Project. OpenSSL, used by IBM Spectrum Control formerly Tivoli Storage Productivity Center, has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-3735 DESCRIPTION: OpenSSL could...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2021-2785)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerability in OpenSSL affects Power Hardware Management Console

Summary Linux OpenSSL is vulnerable to a denial of service, affected by CVES : CVE-2017-3735, CVE-2018-0732, CVE-2018-0739. Vulnerability Details VEID: CVE-2018-0732 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the sending of a very large prime value to the client by a...

SUSE: Security Advisory (SUSE-SU-2018:0002-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2968-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:0293-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: OpenSSL vulnerabilities affect IBM Rational Team Concert

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by Rational BuildForge Agent shipped with IBM Rational Team Concert. Rational BuildForge has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-3735 DESCRIPTION: OpenSSL could allow a remote...

SUSE: Security Advisory (SUSE-SU-2017:3169-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2981-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.6.6 : openssl098e (EulerOS-SA-2021-1506)

According to the version of the openssl098e package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result ...