Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-3611-2
HistoryApr 17, 2018 - 12:00 a.m.

OpenSSL vulnerabilities

2018-04-1700:00:00
ubuntu.com
45

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.8 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.028 Low

EPSS

Percentile

90.5%

JSON

Releases

  • Ubuntu 12.04

Packages

  • openssl - Secure Socket Layer (SSL) cryptographic library and tools

Details

USN-3611-1 fixed a vulnerability in OpenSSL. This update provides
the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

It was discovered that OpenSSL incorrectly parsed the IPAddressFamily
extension in X.509 certificates, resulting in an erroneous display of the
certificate in text format. (CVE-2017-3735)

It was discovered that OpenSSL incorrectly handled certain ASN.1 types. A
remote attacker could possibly use this issue to cause a denial of service.
(CVE-2018-0739)

OSVersionArchitecturePackageVersionFilename
Ubuntu12.04noarchlibssl1.0.0< 1.0.1-4ubuntu5.40UNKNOWN
Ubuntu12.04noarchopenssl< 1.0.1-4ubuntu5.40UNKNOWN

Related

openvas 32
ibm 39
amazon 2
nessus 59
centos 2
redhat 3
oraclelinux 6
redhatcve 2
osv 7
f5 2
debian 5
checkpoint_advisories 1
veracode 3
alpinelinux 2
debiancve 2
prion 2
openssl 2
aix 2
cve 2
suse 8
ubuntucve 2
altlinux 4
mageia 1
cloudfoundry 1
broadcom 1
huawei 1
fedora 4
ubuntu 1
slackware 1
openvas
openvas
Ubuntu: Security Advisory (USN-3611-2)
2022-08-26 00:00:00
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2019-1009)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2019-1201)
2020-01-23 00:00:00
ibm
ibm
Security Bulletin: Vulnerability in OpenSSL affects Power Hardware Management Console
2021-09-22 23:05:38
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerabilities (CVE-2018-0732, CVE-2018-0739, CVE-2017-3735)
2019-07-19 10:10:01
Security Bulletin: Vulnerabilities in OpenSSL affect PowerKVM
2018-12-17 15:00:02
amazon
amazon
Medium: openssl
2018-12-05 23:20:00
Medium: openssl
2018-11-07 22:07:00
nessus
nessus
Amazon Linux AMI : openssl (ALAS-2018-1102)
2018-12-07 00:00:00
Amazon Linux 2 : openssl (ALAS-2018-1102)
2018-11-09 00:00:00
EulerOS Virtualization 2.5.4 : openssl (EulerOS-SA-2019-1201)
2019-04-09 00:00:00
centos
centos
openssl security update
2018-11-15 18:50:49
OVMF security update
2018-11-15 18:50:56
redhat
redhat
(RHSA-2018:3221) Moderate: openssl security, bug fix, and enhancement update
2018-10-30 04:31:37
(RHSA-2018:3090) Moderate: ovmf security, bug fix, and enhancement update
2018-10-30 04:17:40
(RHSA-2019:1711) Moderate: Red Hat JBoss Web Server 3.1 Service Pack 7 security and bug fix update
2019-07-09 12:30:05
oraclelinux
oraclelinux
openssl security update
2018-11-06 00:00:00
openssl security, bug fix, and enhancement update
2018-11-05 00:00:00
openssl security update
2018-06-25 00:00:00
redhatcve
redhatcve
CVE-2017-3735
2019-11-06 04:24:26
CVE-2018-0739
2019-10-08 11:45:23
osv
osv
openssl - security update
2017-11-02 00:00:00
CVE-2017-3735
2017-08-28 19:29:01
openssl - security update
2017-11-04 00:00:00
f5
f5
K21462542 : OpenSSL vulnerability CVE-2017-3735
2017-10-13 00:00:00
K08044291 : OpenSSL vulnerability CVE-2018-0739
2018-04-13 00:00:00
debian
debian
[SECURITY] [DLA-1157-1] openssl security update
2017-11-09 15:30:17
[SECURITY] [DSA 4158-1] openssl1.0 security update
2018-03-29 21:40:38
[SECURITY] [DLA 1330-1] openssl security update
2018-03-30 15:24:31
checkpoint_advisories
checkpoint_advisories
OpenSSL X.509 IPAddressFamily Extension Parsing Out-of-Bounds Read (CVE-2017-3735)
2017-09-06 00:00:00
veracode
veracode
Buffer Overread
2017-08-29 00:42:31
Denial Of Service (DoS)
2018-03-28 08:40:32
Denial Of Service (DoS)
2019-01-15 09:26:40
alpinelinux
alpinelinux
CVE-2017-3735
2017-08-28 19:29:00
CVE-2018-0739
2018-03-27 21:29:00
debiancve
debiancve
CVE-2017-3735
2017-08-28 19:29:00
CVE-2018-0739
2018-03-27 21:29:00
prion
prion
Design/Logic Flaw
2017-08-28 19:29:00
Design/Logic Flaw
2018-03-27 21:29:00
openssl
openssl
Vulnerability in OpenSSL CVE-2017-3735
2017-08-28 00:00:00
Vulnerability in OpenSSL CVE-2018-0739
2018-03-27 00:00:00
aix
aix
Vulnerability in OpenSSL affects AIX
2017-12-14 14:57:00
Vulnerability in OpenSSL affects AIX (CVE-2018-0739)
2018-04-30 11:00:38
cve
cve
CVE-2017-3735
2017-08-28 19:29:00
CVE-2018-0739
2018-03-27 21:29:00
suse
suse
Security update for openssl1 (important)
2017-11-10 09:18:31
Security update for openssl (important)
2017-11-10 18:14:09
Security update for ovmf (moderate)
2018-08-06 15:11:10
ubuntucve
ubuntucve
CVE-2017-3735
2017-08-28 00:00:00
CVE-2018-0739
2018-03-27 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package openssl1.1 version 1.0.2o-alt1
2018-03-27 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 1.0.2o-alt1
2018-03-27 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 1.0.2o-alt1
2018-03-27 00:00:00
mageia
mageia
Updated openssl packages fix security vulnerability
2018-04-03 21:48:20
cloudfoundry
cloudfoundry
USN-3611-1: OpenSSL vulnerability | Cloud Foundry
2018-05-02 00:00:00
broadcom
broadcom
DOS for Handling of crafted recursive ASN.1 structures
2023-08-01 00:00:00
huawei
huawei
Security Advisory - OpenSSL Vulnerability in Some Huawei Products
2018-06-13 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: compat-openssl10-1.0.2o-1.fc27
2018-04-09 19:10:19
[SECURITY] Fedora 28 Update: compat-openssl10-1.0.2o-1.fc28
2018-04-09 13:30:37
[SECURITY] Fedora 26 Update: compat-openssl10-1.0.2o-1.fc26
2018-04-09 18:36:03
ubuntu
ubuntu
OpenSSL vulnerability
2018-03-28 00:00:00
slackware
slackware
[slackware-security] openssl
2018-03-29 03:28:30

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.8 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.028 Low

EPSS

Percentile

90.5%

JSON
Related for USN-3611-2
openvas32ibm39amazon2nessus59centos2redhat3oraclelinux6redhatcve2osv7f52debian5checkpoint_advisories1veracode3alpinelinux2debiancve2prion2openssl2aix2cve2suse8ubuntucve2altlinux4mageia1cloudfoundry1broadcom1huawei1fedora4ubuntu1slackware1